Gotham Security Daily Threat Alerts

July 10, Securityweek – (International) Chinese APT group uses Hacking Team’s Flash Player exploit. Security researchers from Volexity reported that the Wekby advanced persistent threat (APT) group, also known as APT 18, Dynamite Panda, and TG-0416, was leveraging an Adobe Flash Player exploit revealed through the July breach of the software company Hacking Team. The group sent spear-phishing emails purporting to be from Adobe that directed users to download a compromised Flash Player file containing malware.

July 10, Help Net Security – (International) VMware fixes host privilege escalation bug in Workstation, Player, Horizon View. VMware issued patches addressing a privilege escalation vulnerability in the company’s Workstation, Player, and Horizon View Client for Microsoft Windows in which an attacker could leverage the lack of a discretionary access control list (DACL) in a process to elevate privileges and execute code.

July 9, Securityweek – (International) Estonian man pleads guilty to role in DNSChanger botnet scheme. The alleged mastermind of an Estonia-based international cyber fraud group pleaded guilty to his role in a 2007 – 2011 operation dubbed “Ghost Click” in which he and co-conspirators installed the DNSChanger trojan on 4 million computers in over 100 countries and collected over $14 million through clickjacking and ad fraud via the malware.

July 9, IDG News Service – (International) Hacking Team claims terrorists can now use its tools. The Italian security company Hacking Team warned July 8 that the release of 400 gigabytes (GB) of internal data in a July 5 breach of its systems represented an “extremely dangerous” situation and that terrorists and other threat actors could potentially leverage available code to deploy software against any target.

July 9, Krebs on Security – (National) Credit card breach at a zoo near you. Denver-based Service Systems Associates reported that malware installed on point-of-sale (PoS) credit and debit card processing systems at zoo gift shops in at least 12 cities nationwide may have compromised the payment information of customers who used the systems between March 23 and June 25.

July 10, CNN – (National) OPM government data breach impacted 21.5 million. Federal officials announced July 9 that the June breach of the U.S. Office of Personnel Management’s computer systems affected roughly 21.5 million people, up from the 4.2 million estimate originally announced. The total includes security clearance application information from 19.7 million applicants and information regarding 1.8 million non-applicants, consisting of spouses and partners.